Create a gist now

Instantly share code, notes, and snippets.

ApplyProtectionFromCSRF function
// Gist associated with http://0xdabbad00.com/2015/04/03/choosing_libraries_for_go_web_servers/
// ApplyProtectionFromCSRF makes all POST messages check for a csrf_token
func (application *Application) ApplyProtectionFromCSRF(c *web.C, h http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) {
protected := nosurf.New(h)
failureHandler := func(w http.ResponseWriter, r *http.Request) {
log.Errorf("Possible CSRF attack")
w.Write([]byte("400: Request could not be handled"))
w.WriteHeader(400)
}
protected.SetFailureHandler(http.HandlerFunc(failureHandler))
protected.ServeHTTP(w, r)
}
return http.HandlerFunc(fn)
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment